3 Steps to Overcome hazards Heartbleed - Heartbleed is a new security hole that can open millions of passwords . Even more surprising , the threat Heartbleed has lived for more than two years with no one party is aware of its existence .
Are researchers from a security company Codenomicon in Finland that one of its members is also a Google researcher , who has discovered the existence Heartbleed . By way of paving the way in encryption technology , Heartbleed successfully menyatroni almost all web -based OpenSSL and steal user data in it , including the password , credit card , email , etc. .
Even though when the website is called safe with padlock and https:// in the browser , the Heartbleed can still get in and parse the data encryption that is in the site . This is obviously very dangerous to your new pioneering online buying and selling websites , for example .
If previously said big businesses like Yahoo and Google become the main target Heartbleed , different from the view of security startup Lasline owner , Giovanni Vigna . He said even small companies had been the target of Hearbleed because generally they do not have a qualified security shield . So what can be done ?
1 . OpenSSL update with a new version that has been equipped with a fix . This will close the security gap and make you re- secure software . In the new version has been given a new certificate ( read : secret key ) which will tell the user to change their password .
2 . Notify all users and your employees that your site has been returned safe and advise them to change their usernames and passwords . It is recommended that the circuit needs to do a password change : change now , once in saminggu and once a month , starting today .
3 . Cyberattack would surely cripple the central business you run , needs a lot of cost to repair and damage the image of your business being pioneered. Therefore you should immediately diagnose your web security , one way to check in here .
Are researchers from a security company Codenomicon in Finland that one of its members is also a Google researcher , who has discovered the existence Heartbleed . By way of paving the way in encryption technology , Heartbleed successfully menyatroni almost all web -based OpenSSL and steal user data in it , including the password , credit card , email , etc. .
Even though when the website is called safe with padlock and https:// in the browser , the Heartbleed can still get in and parse the data encryption that is in the site . This is obviously very dangerous to your new pioneering online buying and selling websites , for example .
If previously said big businesses like Yahoo and Google become the main target Heartbleed , different from the view of security startup Lasline owner , Giovanni Vigna . He said even small companies had been the target of Hearbleed because generally they do not have a qualified security shield . So what can be done ?
1 . OpenSSL update with a new version that has been equipped with a fix . This will close the security gap and make you re- secure software . In the new version has been given a new certificate ( read : secret key ) which will tell the user to change their password .
2 . Notify all users and your employees that your site has been returned safe and advise them to change their usernames and passwords . It is recommended that the circuit needs to do a password change : change now , once in saminggu and once a month , starting today .
3 . Cyberattack would surely cripple the central business you run , needs a lot of cost to repair and damage the image of your business being pioneered. Therefore you should immediately diagnose your web security , one way to check in here .